package org.wso2.am.integration.tests.other;

import java.io.File;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import org.json.JSONObject;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIOperationsDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyGenerateRequestDTO;
import org.wso2.am.integration.test.utils.bean.APIRequest;
import org.wso2.am.integration.tests.api.lifecycle.APIManagerLifecycleBaseTest;
import org.wso2.am.integration.tests.restapi.RESTAPITestConstants;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.test.utils.http.client.HttpRequestUtil;
import org.wso2.carbon.integration.common.admin.client.UserManagementClient;
import org.wso2.carbon.integration.common.utils.mgt.ServerConfigurationManager;

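/**
 * Integration test for allow-listed ("white listed") OAuth2 scopes.
 *
 * <p>Setup applies {@code configFiles/allowedScopes/deployment.toml} to the gateway and publishes
 * an API whose single {@code GET /customers/{id}} operation is bound to {@code scope1} and
 * {@code scope2}. The test then requests password-grant tokens for each scope in turn and checks
 * that every token carries the requested scope and is accepted by the gateway.
 *
 * <p>NOTE(review): the content of {@code deployment.toml} is not visible from this class;
 * presumably it allow-lists {@code scope1}/{@code scope2} so they are issued without a role
 * binding. Confirm against the resource file.
 *
 * <p>NOTE(review): only the positive path is covered. Nothing here asserts that a scope outside
 * the allow list is withheld from the token, or that a token without either scope is rejected by
 * the gateway, so a misconfiguration that grants every requested scope would still pass.
 */
public class AllowedScopesTestCase extends APIManagerLifecycleBaseTest {
    private static final String API_END_POINT_POSTFIX_URL = "jaxrs_basic/services/customers/customerservice/";
    private static final String ALLOWED_SCOPES_API = "allowedScopesAPI";
    private static final String API_END_POINT_METHOD = "/customers/123";
    private static final String API_VERSION = "1.0.0";
    private static final String SCOPE_ONE = "scope1";
    private static final String SCOPE_TWO = "scope2";
    // NOTE(review): generateKeys() below is called with a validity of "36000", while the user
    // token is expected to report "3600"; presumably the latter is the server default for
    // user access tokens. Confirm this is intentional.
    private static final String EXPECTED_EXPIRES_IN = "3600";

    private ServerConfigurationManager serverConfigurationManager;
    private String apiEndPointUrl;
    private String apiId;
    private String applicationId;

    /**
     * Creates the test instance for one user mode supplied by {@link #userModeDataProvider()}.
     *
     * @param testUserMode user mode the inherited test context is initialised with
     */
    @Factory(dataProvider = "userModeDataProvider")
    public AllowedScopesTestCase(TestUserMode testUserMode) {
        this.userMode = testUserMode;
    }

    /**
     * Supplies the user modes this test class is instantiated for.
     *
     * @return a single row containing {@link TestUserMode#SUPER_TENANT_ADMIN}
     */
    @DataProvider
    public static Object[][] userModeDataProvider() {
        // The outer array must be Object[][]; a plain Object[] does not satisfy the return type.
        return new Object[][]{{TestUserMode.SUPER_TENANT_ADMIN}};
    }

    /**
     * Applies the allowed-scopes gateway configuration, then creates, deploys and publishes the
     * scope-protected API used by the test.
     *
     * @throws Exception if configuration, API creation or deployment fails
     */
    @BeforeClass(alwaysRun = true)
    public void setEnvironment() throws Exception {
        super.init(this.userMode);

        // Swap in the test-specific deployment.toml; destroy() restores the previous one.
        this.serverConfigurationManager = new ServerConfigurationManager(this.gatewayContextWrk);
        File allowedScopesConfig = new File(getAMResourceLocation() + File.separator + "configFiles"
                + File.separator + "allowedScopes" + File.separator + "deployment.toml");
        this.serverConfigurationManager.applyConfiguration(allowedScopesConfig);

        this.userManagementClient = new UserManagementClient(
                this.keyManagerContext.getContextUrls().getBackEndUrl(),
                this.keyManagerContext.getContextTenant().getTenantAdmin().getUserName(),
                this.keyManagerContext.getContextTenant().getTenantAdmin().getPassword());

        this.apiEndPointUrl = this.backEndServerUrl.getWebAppURLHttp() + API_END_POINT_POSTFIX_URL;
        APIRequest apiRequest = new APIRequest(ALLOWED_SCOPES_API, ALLOWED_SCOPES_API, new URL(this.apiEndPointUrl));
        apiRequest.setVersion(API_VERSION);

        // Both scopes are attached to the one operation; the test later shows that a token
        // holding either of them is accepted.
        ArrayList<String> operationScopes = new ArrayList<>();
        operationScopes.add(SCOPE_ONE);
        operationScopes.add(SCOPE_TWO);

        APIOperationsDTO getCustomer = new APIOperationsDTO();
        getCustomer.setVerb("GET");
        getCustomer.setTarget("/customers/{id}");
        getCustomer.setAuthType("Application & Application User");
        getCustomer.setThrottlingPolicy("Unlimited");
        getCustomer.setScopes(operationScopes);

        ArrayList<APIOperationsDTO> operations = new ArrayList<>();
        operations.add(getCustomer);
        apiRequest.setOperationsDTOS(operations);
        apiRequest.setProvider(this.user.getUserName());

        this.apiId = this.restAPIPublisher.addAPI(apiRequest).getData();
        createAPIRevisionAndDeployUsingRest(this.apiId, this.restAPIPublisher);
        this.restAPIPublisher.changeAPILifeCycleStatusToPublish(this.apiId, false);
        waitForAPIDeploymentSync(apiRequest.getProvider(), apiRequest.getName(), apiRequest.getVersion(),
                "\"isApiExists\":true");
    }

    /**
     * Requests a password-grant token for each scope and invokes the API with it.
     *
     * <p>After the second token has been issued, the first token is used once more, which checks
     * that it is still accepted at that point.
     *
     * @throws Exception if any REST call fails or an assertion does not hold
     */
    @Test(description = "Generate access token for white listed scopes and invoke APIs")
    public void testGenerateAccessTokenWithWhiteListedScopes() throws Exception {
        this.applicationId = this.restAPIStore.createApplication("TestAppScope", "Test Application", "Unlimited",
                ApplicationDTO.TokenTypeEnum.JWT).getData();
        Assert.assertEquals(
                subscribeToAPIUsingRest(this.apiId, this.applicationId, "Gold", this.restAPIStore).getResponseCode(),
                HTTP_RESPONSE_CODE_OK,
                "Subscribe of old API version request not successful  API Name:" + ALLOWED_SCOPES_API
                        + " API Version:" + API_VERSION + " API Provider Name :" + this.user.getUserName());

        ArrayList<String> grantTypes = new ArrayList<>();
        grantTypes.add("password");
        grantTypes.add("client_credentials");
        ApplicationKeyDTO applicationKeys = this.restAPIStore.generateKeys(this.applicationId, "36000", "",
                ApplicationKeyGenerateRequestDTO.KeyTypeEnum.PRODUCTION, (ArrayList<String>) null, grantTypes);
        String consumerKey = applicationKeys.getConsumerKey();
        String consumerSecret = applicationKeys.getConsumerSecret();
        URL tokenEndpoint = new URL(this.keyManagerHTTPSURL + "oauth2/token");

        HashMap<String, String> scopeOneHeaders = bearerHeaders(
                requestScopedAccessToken(consumerKey, consumerSecret, SCOPE_ONE, tokenEndpoint));
        assertInvocationSucceeds(scopeOneHeaders);

        HashMap<String, String> scopeTwoHeaders = bearerHeaders(
                requestScopedAccessToken(consumerKey, consumerSecret, SCOPE_TWO, tokenEndpoint));
        assertInvocationSucceeds(scopeTwoHeaders);

        // Re-use the scope1 token after the scope2 token has been issued.
        assertInvocationSucceeds(scopeOneHeaders);
    }

    /**
     * Removes the application and API created by this class and restores the gateway
     * configuration that {@link #setEnvironment()} replaced.
     *
     * <p>The restore runs in a {@code finally} block so that a failed delete cannot leave the
     * test-only {@code deployment.toml} active for later test classes.
     *
     * @throws Exception if a delete or the configuration restore fails
     */
    @AfterClass(alwaysRun = true)
    public void destroy() throws Exception {
        try {
            // applicationId stays null when the test method never ran (alwaysRun = true).
            if (this.applicationId != null) {
                this.restAPIStore.deleteApplication(this.applicationId);
            }
        } finally {
            try {
                if (this.apiId != null) {
                    this.restAPIPublisher.deleteAPI(this.apiId);
                }
            } finally {
                if (this.serverConfigurationManager != null) {
                    this.serverConfigurationManager.restoreToLastConfiguration();
                }
            }
        }
    }

    /**
     * Requests a password-grant token for the test user limited to one scope and verifies the
     * token response.
     *
     * @param consumerKey    OAuth2 client id of the test application
     * @param consumerSecret OAuth2 client secret of the test application
     * @param scope          scope to request; it must appear in the returned {@code scope} value
     * @param tokenEndpoint  token endpoint of the key manager
     * @return the issued access token
     * @throws Exception if the token request fails or the response cannot be parsed
     */
    private String requestScopedAccessToken(String consumerKey, String consumerSecret, String scope,
                                            URL tokenEndpoint) throws Exception {
        // NOTE(review): user name and password are concatenated into the form body without
        // URL-encoding, so credentials containing '&', '=', '+' or '%' would be misparsed.
        // Confirm whether generateUserAccessKey encodes the body before changing this.
        String requestBody = "grant_type=password&username=" + this.user.getUserName()
                + "&password=" + this.user.getPassword() + "&scope=" + scope;
        JSONObject tokenResponse = new JSONObject(
                this.restAPIStore.generateUserAccessKey(consumerKey, consumerSecret, requestBody, tokenEndpoint)
                        .getData());
        Assert.assertNotNull(tokenResponse);
        Assert.assertTrue(tokenResponse.getString("scope").contains(scope));
        Assert.assertEquals(tokenResponse.getString("expires_in"), EXPECTED_EXPIRES_IN);
        return tokenResponse.getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);
    }

    /**
     * Builds the request headers for an API call authenticated with a bearer token.
     *
     * @param accessToken token to place in the {@code Authorization} header
     * @return headers carrying the bearer token and an XML {@code accept} type
     */
    private HashMap<String, String> bearerHeaders(String accessToken) {
        HashMap<String, String> headers = new HashMap<>();
        headers.put("Authorization", "Bearer " + accessToken);
        headers.put("accept", "text/xml");
        return headers;
    }

    /**
     * Calls the scope-protected operation and asserts that the gateway answers with HTTP 200.
     *
     * @param headers request headers including the bearer token
     * @throws Exception if the request cannot be sent
     */
    private void assertInvocationSucceeds(HashMap<String, String> headers) throws Exception {
        String invocationUrl = getAPIInvocationURLHttps(ALLOWED_SCOPES_API, API_VERSION) + API_END_POINT_METHOD;
        Assert.assertEquals(HttpRequestUtil.doGet(invocationUrl, headers).getResponseCode(), HTTP_RESPONSE_CODE_OK);
    }
}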
